#0 - April 27, 2010, 7:38 p.m.
I opened a ticket with Blizzard, got a response within 12 hours, they're looking at it. As a good measure of F-you from the hackers, they put an authenticator on the account, so even when I did try to log in, I couldn't log in to the game, battle.net the forums, anything WoW related because I don't have the authenticator. This gave me the idea that maybe $6.50 isn't too much for an authenticator to keep my account unmolested, so I am ordering an authenticator for my account... though I hear folks are getting hacked even with them.
Luckily, Blizzards automated emails sent me notices that my password had been changed and after some hinky stuff done in game on my account, they locked it down. It took 11 minutes from the time the password was changed to the time the account was locked. That is impressive!! I only wish they had some piece of security involved that would look to see where the account is being logged in from, and, perhaps block it if it's nowhere remotely close to where the normal activity originates from, or even have a security question set up when it is being accessed from somewhere else. I do travel for work sometimes, and sometimes log in from other states. I have no idea where the hackers that got my account are from, but, logistically speaking, if I am in the states, and within 5 hours of me logging off, someone in China or India or South Africa tries to log into my account, there's no physical way I could have traveled that far in that amount of time to allow for this. I say say these places in particular, because this morning I had friend requests on facebook from people in each of these countries that I did not know stating WoW as an interest though we had no similar friends, groups, or feeds. All were denied. :)
What did the hackers do, you ask? They totally cleared off my Priest, most of my Paladin, most of my DK, and about half of my Rogue (as per the wowarmory, I have no ideas about my banks or bags). I contacted my guild leader in Vent and explained the situation, they checked and sure enough, the hackers got to the guild bank, cleaning out all they could with my bank access. An interesting point here, they cleared out the green gems on one tab, and only a few blue gems before my daily takes from the GB were filled for that tab. This tells me either the hacker wasn't paying attention, or a program was doing the taking from the GB. My guild leader opened a ticket for the guild bank items and I explained in my ticket to Blizzard they did this, so it wouldn't look like I was trying to scam them. We've had this happen one other time to our guild, and we've since learned to put crappy items at the beginning of the tab, and more expensive/rare items at the end of it. So far, it's saved a lot of heartache.
I've since gone over my computer with a few programs to clean it up, though, there was nothing to really clean, and the programs found nothing, but... I have a Curse folder (I manually load items from Curse, and don't use the Curse client) in my add-ons folder that I cannot delete, even with admin rights. I'll be destroying it from the backend tonight once I get home, I'm smarter than the dang computer, but, apparently not smarter than the hackers. I still have a few things to check after going through the registry and program files after using AV programs, Malware programs and Ccleaner.
I checked my RL bank account (had my identity stolen once and the fookers bought millions of WoW gold with my hard earned money, that was luckily returned), my social network pages, email accounts, and changed all the passwords from a different computer in case my main machine has a keylogger somewhere on it, and will be changing my battle.net email today as well.
Having had friends that have been hacked, all the items destroyed/sold/traded, etc, including guild bank items, will be returned, they just need to check the game logs. In my ticket to Blizzard I told them the last time I was online and anything after that time was not me. It gave them a timeline to start checking for account usage. The more information they have, the faster and more apt they'll be able to perform their tasks for returning account status back to where it was before the hackers got to it.
Blizzard has awesome customer service, I've dealt with them a few times in the past and have nothing but good things to say about them, as did my friends who have dealt with them. It's just the downtime of not being able to play that can be frustrating for some folks. I've consigned myself to not having a playable character for at least a week. Though I have control of the account again (I've reset the password and the authenticator has been removed from the account), it's still locked for another 2 days, and it may take upwards of 4 more days after that before my gear is returned. Mind you, that may not include the multiple sets of gear I had for DPS/Tank/Heal on 4 characters that were cleaned out.
So far, so good, though, I merely did the trial account to publish this and give hope to others that have been hacked. Though you may not be able to play right this second, if you give Blizzard enough time, they should be able to replace everything (though I think my gold is gone for good, but, a day or two of dailies on all my 80's will have that replenished), it's just having the patience to let them get it done.
I know it's frustrating, I'm going through it now, but I've realized I have a week of time I get to use to catch up on all sorts of menial tasks that slide down the 'Honey-Do' list so I can play. I can accomplish a lot in 7 days, and then I get to re-evaluate how much time I play once everything gets put back to normal.
I'll update this thread as things happen for me to give an accurate timeline for others that experience the thrills of being hacked!
